What is SSH Connection?

0 commentsHealthcare

Learn what SSH connection is, how it works, and the benefits of using this secure protocol for remote access and data transfer.

SSH (Secure Shell) is a network protocol designed for secure access to remote servers and devices. It provides encryption of data transmitted between the client and the server, making it an indispensable tool for system administrators and developers. In this article, we will look at the basics of connecting via SSH, its configuration and use.

What is SSH?

SSH was developed as a replacement for insecure protocols such as Telnet and rlogin, which transmitted data in cleartext, including passwords. Using cryptographic methods, SSH ensures that all data, including authentication data, is protected from interception and substitution.

Basic SSH Functions

Secure Remote Control: Allows you to execute commands on a remote server as if you were standing right in front of it.

File Transfer: Provides secure file transfer using tools such as SCP (Secure Copy Protocol) and SFTP (SSH File Transfer Protocol).

Tunneling and Port Forwarding: Allows you to securely transfer data over insecure networks using SSH tunnels.

Preparing to connect via SSH

Requirements

  • SSH server on the remote machine : usually this is OpenSSH server on UNIX systems;
  • SSH client on the local machine : installed by default on Linux and macOS. For Windows, PuTTY or the built-in OpenSSH client in newer versions of Windows 10 and 11 are available;
  • Credentials : username and password or SSH key.

nstalling an SSH client

On Linux and macOS, the SSH client is usually installed by default. For Windows, there are two ways:

  • Download and install PuTTY;
  • Windows 10 and 11 users can install the OpenSSH client via Settings > Apps > Optional Features.

Connecting to a remote server

Using a password

Command syntax:

  • ssh [username]@[server_address]

Example:

After executing the command, you will be prompted to enter the user password on the remote server.

Using PuTTY (Windows)

  • Launch PuTTY;
  • In the “Host Name” field, enter [email protected] or just example.com if the username matches;
  • Click “Open”;
  • In the window that appears, enter your username and password.

Authentication with SSH keys

Using key authentication increases security and convenience by eliminating the need to enter a password each time.

Generate a key pair

On Linux/macOS:

By default, keys are saved in ~/.ssh/id_rsa (private) and ~/.ssh/id_rsa.pub (public).
ssh-keygen -t rsa -b 4096 -C “[email protected]

Installing a public key on the server

Using ssh-copy-id:

This will copy your public key to the ~/.ssh/authorized_keys file on the server.

Manual method:

  • Copy the contents of ~/.ssh/id_rsa.pub;
  • Connect to the server using a password;
  • Create the ~/.ssh directory if it does not exist: mkdir -p ~/.ssh;
  • Add the key to the authorized_keys file: echo “your_public_key” >> ~/.ssh/authorized_keys;
  • Set correct permissions: chmod 700 ~/.ssh chmod 600~/.ssh/authorized_keys.

Connection using a key

Now you can connect without entering a password:

Additional SSH features

Port Forwarding (SSH Tunneling)

Local redirect:

Allows you to forward a port from the local machine to a remote server.

Example:

Now when you access localhost:8080 you are actually connecting to example.com:80.

Remote redirection

Forwards a port from a remote server to the local machine.

Dynamic redirection (SOCKS proxy)

Allows you to create SOCKS proxies via SSH connection.

After that you can configure your browser to use localhost:local_port as a SOCKS5 proxy.

Setting up configuration files

Simplify your connection by customizing your ~/.ssh/config file.

Example:

  • Host myserver;
  • HostName example.com;
  • User user;
  • Port 22;
  • IdentityFile ~/.ssh/id_rsa.

Now you can connect with the command:

Safety Tips

  • Disable password login: in the /etc/ssh/sshd_config file on the server, set PasswordAuthentication no;
  • Change the default port: Change the port from 22 to another one to reduce the number of automatic attacks;
  • Restrict IP access: Configure your firewall to allow connections only from specific IP addresses;
  • Use SSH protocol version 2: Make sure you are using a more secure version of the protocol;
  • Update OpenSSH regularly: new versions contain vulnerability fixes.

Common problems and their solutions

Unable to connect to server

  • Check the server availability: ping example.com.
  • Check the port: Make sure the SSH port is open and not blocked by a firewall.

Permission denied

  • Make sure the permissions on the ~/.ssh directories and files are correct.
  • Check that the authentication settings on the server are correct.

Unknown host (The authenticity of the host cannot be established)

This warning means that this is the first time SSH has connected to this server. Compare the fingerprint key with the one provided by the server administrator and enter yes if they match

Leave a Reply

Your email address will not be published. Required fields are marked *